New Purview features that had us at hello
One of the biggest benefits of using Microsoft 365 is that it’s a living ecosystem – it never stops rolling out new features and functionality.
Some releases are, of course, more exciting than others. Suffice to say: Microsoft Purview’s new Adaptive Protection (available in preview) had us salivating the moment news broke of its release.
This nifty new addition to the Purview suite promises to take insider risk mitigation to the next level by integrating three of our favourite things: Purview Insider Risk Management, Purview Data Loss Prevention (DLP) and a healthy dose of Machine Learning.
But what, exactly, does Adaptive Protection do?
Adaptive Protection essentially acts as a hall monitor, hovering in wait for users flagged as engaging in risky behaviour by Insider Risk Management. When that happens, Adaptive Protection steps in, checks the risk level assigned to the user by Insider Risk Management, and then automatically applies the most effective DLP policy to protect the organisation against the behaviour associated with this risk level.
It doesn’t stop there, either. As user risk levels change in Insider Risk Management (which continuously analyses user behaviour using machine learning models), Adaptive Protection will adjust the DLP policies governing their actions. Riskier activities will result in higher DLP controls, while a decrease in risky behaviour could see DLP policies relaxed.
The result (in theory, at least – this is all new functionality) is that users will always be subject to the most appropriate DLP policies for their current risk level, giving them as much (or as little) freedom (also reducing risks of false positives), as they can safely be trusted with. Maximum productivity, minimum risk.
For many of our customers all this technology may sound too far off to be significant, but what we have learned is that the organsiations we work with on a Purview compliance journey accelerate their maturity very quickly and adopting new features becomes a natural next step to the existing policies they are already running with. To us, that sounds a lot like the beginning of the end for static DLP policies, and the start of a very exciting new age of… well… Adaptive Protection.